(Continued from this entry: Spam from SMS.ac.)
Update: Joi Ito received an empty legal threat from Kevin Jones at SMS.ac. Kevin Jones also left a message on my answering machine asking for information on vigilantes who had been posting SMS.ac executives’ personal info in my comments. I’ve noticed GMail and Yahoo Mail are now automatically marking all SMS.ac invitations as “spam,” and shunting them directly to the Junk Mail folder. Heh.
Responding to complaints, “Sean” from SMS.ac (that’s where his IP resolves) comments (here and elsewhere) that there’s a PDF guide on the registration page explaining the
spammer script Address Book Synchronizer. I’m trying out the signup now, and finding several usability-related problems with the whole process:
- Documentation is a PDF, and not a very good one. Not everyone has Adobe Acrobat Reader, and of those, there are even fewer who will slog through the whole PDF than will even bother to read the fine print on a web form, even one that asks for a password.
- Take a look at this form:
The instructions say: “Enter your Hotmail login to see who’s connected and automatically bring your friends into your SMS.ac address book.” It isn’t open-ended; it makes the registration process look as though you have to enter your Hotmail/Yahoo password. Of course, you can click NEXT while leaving the password blank, but the flow of the process doesn’t make this option evident: users will most likely fill out the form simply because they see it there. Here’s what they see next:
“Per your request?” This is definitely deceptive phrasing; at no point has it made a request to import all contacts. Note also how the explanation puts ‘Next’ in quotes with a capital letter, while ‘manual selection’ is left lowercase and unquoted, with the corresponding button set unobtrusively to the lower left. Maybe I’m just being paranoid; perhaps it’s just a case of poorly written copy and badly designed flow. Or do they really not want users selecting the option which sends less than the maximum possible amount of spam?
- In truth, I see nothing wrong with offering invitations for a service; I’d even venture to say there’s little wrong with an invitation whose
From:address is the same as the user’s. Gmail does this. The problem is with subtly leading the user into a crawl of his address book and contact list, then repeatedly hammering the found targets with invitations while the user has no idea that his name is being stamped onto multiple messages, multiple times, to multiple people.
- Sean of SMS.ac, though annoying in his smugness, is right: this is the internet (or more appropriately, the hinternet) — people who aren’t careful end up with adware, spyware, trojans, spam, and popups. Responsible companies try to protect their users from their own naivete. SMS.ac, however, appears to exploit it, and should therefore be avoided.
In the feedback thread, “Sean” then goes on to insult other commenters — an object lesson straight from SMS.ac on how not to endear the company to past and potential clientele when you’re out astroturfing on weblogs.